---
- branch: MAIN
  date: Thu Oct 18 14:39:38 UTC 2018
  files:
  - new: '1.12'
    old: '1.11'
    path: pkgsrc/www/drupal8/Makefile
    pathrev: pkgsrc/www/drupal8/Makefile@1.12
    type: modified
  - new: '1.10'
    old: '1.9'
    path: pkgsrc/www/drupal8/PLIST
    pathrev: pkgsrc/www/drupal8/PLIST@1.10
    type: modified
  - new: '1.11'
    old: '1.10'
    path: pkgsrc/www/drupal8/distinfo
    pathrev: pkgsrc/www/drupal8/distinfo@1.11
    type: modified
  id: 20181018T143938Z.1af9bb21c0b6f616e7ffca75d78d21a9d970c5c8
  log: |
    www/drupal8: update to 8.6.2

    Release notes

    Maintenance and security release of the Drupal 8 series.

    This release fixes security vulnerabilities. Sites are urged to upgrade
    immediately after reading the notes below and the security announcement:

    * Drupal Core - Multiple vulnerabilities - SA-CORE-2018-006

    No other fixes are included.

    Sites on 8.5.x should update immediately to Drupal 8.5.8 instead, and plan to
    update to the latest 8.6.x release before May 2019.

    Important update information

    Site update and module owners planning to update to this should take note of
    the following important changes.

    For site owners

    * Previously, users who didn't have access to use any Content Moderation
      transitions were granted implicit access to update content provided the
      state of the content did not change. This access has been removed. Site
      owners should ensure that all content editor roles have access to
      appropriate transitions for moderated content types (including published to
      published where appropriate).

    * There are no database updates in this release, but site owners will need to
      run update.php to ensure a cache clear.

    * No changes have been made to the .htaccess, web.config, robots.txt or
      default settings.php files in this release, so upgrading custom versions of
      those files is not necessary.

    For contributed and custom module developers

    * \Drupal\Core\EventSubscriber\RedirectResponseSubscriber::sanitizeDestination()
      has been removed. If you have extended that class or are calling that
      method, you should review your implementation in line with the changes in
      the patch.

    * An additional method has been added to
      StateTransitionValidationInterface. Implementations should review the new
      method and ensure compatibility with it.

    * ModerationStateConstraintValidator now has two additional service
      dependencies. Subclasses will need to update their constructor to inject the
      new services.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/drupal8'
  unixtime: '1539873578'
  user: taca